package cn.sjtu.security.controller;

import lombok.extern.slf4j.Slf4j;
import org.apache.catalina.User;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import java.security.Principal;


/**
 * 主要的controller
 *
 */
@Controller
@Slf4j
public class HelloController {

    @GetMapping("login")
    public String login() {
        // return "login";
        return "login2"; // 测试自己写的带验证码的视图
    }

    @GetMapping("index")
    public String index() {
        return "index";
    }

    @PreAuthorize("hasAuthority('p1')")
    @GetMapping("hello1")
    @ResponseBody
    public String hello1() {
        return "hello1 security p1权限才能进来";
    }

    @PreAuthorize("hasAuthority('p2')")
    @GetMapping("hello2")
    @ResponseBody
    public String hello2() {
        return "hello2 security p2权限才能进来";
    }

//    @GetMapping("auth")
//    @ResponseBody
//    public void auth() {
//        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
//        UserDetails principal = (UserDetails)authentication.getPrincipal();
//    }

}
